Press

SANS Announces Results of Its 2014 Survey on Distributed Denial of Service (DDoS)

Enterprises Not Prepared to Mitigate DDoS Attacks; Deficiencies Center on Reliance on Production Infrastructure and Failure to Test Processes and Controls

Bethesda, MD

March 17, 2014

SANS announces results of its 2014 Survey on Distributed Denial of Service (DDoS), sponsored by Corero Network Security, in which 378 IT professionals answered questions about their experience with DDoS attacks and their ability to protect their assets.

"DDoS attacks are affecting every sector," says Deb Radcliff, executive editor of the SANS Analyst Program. "They are no longer solely based on volume, they are also targeting applications and managing to deny service on those applications."

In fact, the weighted averages of survey responses indicate that enterprises experience 4.5 DDoS events per year that span a bandwidth of 1.7 GB, last 8.7 hours, and cause costly outages lasting 2.3 hours for enterprises.

According to John Pescatore, SANS director of emerging security trends and the author of this survey, "Too many enterprises are not prepared to deal with DDoS attacks."

In the survey, 39% of respondents either didn't have a DDoS mitigation plan or were unaware of one existing for their organization. Of those who do have a plan, only 50% have ever tested that plan.

The survey uncovered several deficiencies. Pescatore continues, "Common deficiencies we found were relying on the production infrastructure to protect itself and failing to regularly test dedicated DDoS mitigation processes and controls when they were in place."

Other results determine the most valued factor in a DDoS mitigation solution to be preventing damage to specific applications, followed by preserving bandwidth and handling high-volume attacks. These choices reflect the concern to protect against accidentally interrupting legitimate business sessions. Fully automated solutions that require little to no human intervention were not in demand.

Results and insights surrounding DDoS and mitigation techniques will be released during a webcast on Thursday, March 20, at 1 PM EST. To register for the complimentary webcast please visit: http://www.sans.org/info/155085

Those who register for these webcasts will be given access to an advanced copy of the associated report developed by John Pescatore.

About Corero Network Security

Corero Network Security, an organization's First Line of Defense(R) against DDoS attacks and cyber threats, is a pioneer in global network security. Corero products and services provide Online Enterprises, Service Providers, Hosting Providers and Managed Security Service Providers with an additional layer of security capable of inspecting Internet traffic and enforcing real-time access and monitoring policies designed to match the needs of the protected business. Corero technology enhances any defense-in-depth security architecture with a scalable, flexible and responsive defense against DDoS attacks and cyber threats before they reach the targeted IT infrastructure allowing online services to perform as intended. For more information, visit www.corero.com.

SANS Media Contact

About SANS Institute

The SANS Institute was established in 1989 as a cooperative research and education organization. SANS is the most trusted and, by far, the largest provider of cyber security training and certification to professionals at governments and commercial institutions world-wide. Renowned SANS instructors teach over 50 different courses at more than 200 live cyber security training events as well as online. GIAC, an affiliate of the SANS Institute, validates employee qualifications via 30 hands-on, technical certifications in information security. The SANS Technology Institute, a regionally accredited independent subsidiary, offers master's degrees in cyber security. SANS offers a myriad of free resources to the InfoSec community including consensus projects, research reports, and newsletters; it also operates the Internet's early warning system--the Internet Storm Center. At the heart of SANS are the many security practitioners, representing varied global organizations from corporations to universities, working together to help the entire information security community. (https://www.sans.org)